cancel
Showing results for 
Search instead for 
Did you mean: 
tassha
Level 9
Report Inappropriate Content
Message 1 of 7

How can you tell if a specific malware is being detected by a DAT version

Jump to solution

BLUF: I have been asked to check if the DAT we have deployed is detecting SHAMOON. I dont know how to find that answer. 

1 Solution

Accepted Solutions
McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 6 of 7

Re: How can you tell if a specific malware is being detected by a DAT version

Jump to solution

No, you can check if we detect it but not SINCE when.

That hash has been detected by DAT since 14/12/2018 (DAT version 9107)

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
6 Replies
McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 2 of 7

Re: How can you tell if a specific malware is being detected by a DAT version

Jump to solution

If you have known hashes you can check them on virustotal (https://www.virustotal.com), based on known hashes I've received from other customers, I can confirm we have coverage. You can also refer to this Threat Advisory for Trojan-Wiper (aka DistTrack aka Shamoon)PD25630

You can also raise a MALWARE service request with us to check for detection but we would ask you to provide a list of hashes / IoC or samples to check against.

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
tassha
Level 9
Report Inappropriate Content
Message 3 of 7

Re: How can you tell if a specific malware is being detected by a DAT version

Jump to solution

So I saw it was "detected" by McAfee on Virus Total and I agreee, that shows it is covered. But how do you know which DAT version added it?

McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 4 of 7

Re: How can you tell if a specific malware is being detected by a DAT version

Jump to solution

If you share the hash you were checking, I'm happy to look that up for you!

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
tassha
Level 9
Report Inappropriate Content
Message 5 of 7

Re: How can you tell if a specific malware is being detected by a DAT version

Jump to solution

That is kind of you. It is c3ab58b3154e5f5101ba74fccfd27a9ab445e41262cdf47e8cc3be7416a5904f.

So there is no way for ME to find that information? 

McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 6 of 7

Re: How can you tell if a specific malware is being detected by a DAT version

Jump to solution

No, you can check if we detect it but not SINCE when.

That hash has been detected by DAT since 14/12/2018 (DAT version 9107)

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
tassha
Level 9
Report Inappropriate Content
Message 7 of 7

Re: How can you tell if a specific malware is being detected by a DAT version

Jump to solution

Well thanks again! That helped me!

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator